security(8) check maildir as well as mailbox permissions

[Craig R. Skinner]

Check the security of /var/mail/dirs similar to /var/mail/boxes:

Index: security
===
RCS file: /cvs/src/libexec/security/security,v
retrieving revision 1.23
diff -u -u -p -r1.23 security
--- security21 Mar 2013 09:37:37 -  1.23
+++ security16 Dec 2013 12:05:52 -
@@ -458,9 +458,16 @@ sub check_mailboxes {
my $gname = (getgrgid $fgid)[0] // $fgid;
nag $fname ne $name,
user $name mailbox is owned by $fname;
-   nag S_IMODE($mode) != (S_IRUSR | S_IWUSR),
-   sprintf 'user %s mailbox is %s, group %s',
-   $name, strmode($mode), $gname;
+   if (S_ISDIR($mode)) {
+   nag S_IMODE($mode) != (S_IRUSR | S_IWUSR | S_IXUSR),
+   sprintf 'user %s maildir is %s, group %s',
+   $name, strmode($mode), $gname;
+   }
+   else {
+   nag S_IMODE($mode) != (S_IRUSR | S_IWUSR),
+   sprintf 'user %s mailbox is %s, group %s',
+   $name, strmode($mode), $gname;
+   }
}
closedir $dh;
 }

Cheers,
-- 
Craig Skinner | http://twitter.com/Craig_Skinner | http://linkd.in/yGqkv7

Re: security(8) check maildir as well as mailbox permissions

[Stuart Henderson]

On 2013/12/16 12:11, Craig R. Skinner wrote:
 Check the security of /var/mail/dirs similar to /var/mail/boxes:

Aren't maildirs usually in ~/Maildir?

Re: security(8) check maildir as well as mailbox permissions

[Craig R. Skinner]

On 2013-12-16 Mon 12:22 PM |, Stuart Henderson wrote:
 On 2013/12/16 12:11, Craig R. Skinner wrote:
  Check the security of /var/mail/dirs similar to /var/mail/boxes:
 
 Aren't maildirs usually in ~/Maildir?
 

MTA's can deliver to maildirs in several places.

Postfix example (the trailing slash changes from mbox to maildir format):

$ postconf -h mail_spool_directory
/var/mail/

Cheers,
-- 
Craig Skinner | http://twitter.com/Craig_Skinner | http://linkd.in/yGqkv7

Hangs with Fuse

[Gregor Best]

Hi Sylvestre,

while playing around with sshfs, I noticed a peculiar behaviour. If I
mount it somewhere and run something like

find /mnt/fuse -type f -name '*.core'

on it, everything seems to work fine until the network connection is
interrupted. The system then hangs, with only the keyboard LEDs like the
caps lock indicator working (i.e. pressing caps lock turns the LED on
and off, but nothing else seems to work). The simplest way to reproduce
this is via something like the following:

sshfs user@somehost:/foo /mnt/fuse
while true; do find /mnt/fuse -type f; done 
while sleep 1; date; done

While that is running, the date is printed once every second. After
interrupting the network connection, for example by pulling the cable,
the date continues to get printed for a few second and then stops.

Is there a way to properly debug this? Are there typical spots in fuse
where adding one or two printfs() might yield further insight?

Thanks in advance,
Gregor Best

Add EMC Barcode Scanner to usbdevs

[Thomas Pfaff]

Add IDs for Elan Microelectronics barcode scanner (from usb.ids).

uhidev1 at uhub3 port 4 configuration 1 interface 0 vendor 0x04f3 product 
0x0001 rev 1.10/1.00 addr 3

uhidev1 at uhub3 port 4 configuration 1 interface 0 Elan Microelectronics 
Corp. Barcode Scanner rev 1.10/1.00 addr 3

Index: usbdevs
===
RCS file: /cvs/src/sys/dev/usb/usbdevs,v
retrieving revision 1.617
diff -u -p -r1.617 usbdevs
--- usbdevs 13 Dec 2013 17:38:38 -  1.617
+++ usbdevs 16 Dec 2013 10:30:55 -
@@ -148,6 +148,7 @@ vendor SAMSUNG2 0x04e8  Samsung Electron
 vendor ANNABOOKS   0x04ed  Annabooks
 vendor JVC 0x04f1  JVC
 vendor CHICONY 0x04f2  Chicony Electronics
+vendor ELAN0x04f3  Elan Microelectronics Corp.
 vendor BROTHER 0x04f9  Brother Industries
 vendor DALLAS  0x04fa  Dallas Semiconductor
 vendor ACER0x0502  Acer
@@ -1569,6 +1570,9 @@ product EICON DIVA852 0x4905  Diva 852 I
 /* EIZO products */
 product EIZO HUB   0x  hub
 product EIZO MONITOR   0x0001  monitor
+
+/* Elan Microelectronics products */
+product ELAN BARCODE   0x0001  Barcode Scanner
 
 /* ELCON Systemtechnik products */
 product ELCON PLAN 0x0002  Goldpfeil P-LAN

Re: Hangs with Fuse

[Sylvestre Gallon]

On Mon, Dec 16, 2013 at 5:35 PM, Gregor Best g...@ring0.de wrote:
 Hi Sylvestre,


Hi Gregor.


 while playing around with sshfs, I noticed a peculiar behaviour. If I
 mount it somewhere and run something like

 find /mnt/fuse -type f -name '*.core'

 on it, everything seems to work fine until the network connection is
 interrupted. The system then hangs, with only the keyboard LEDs like the
 caps lock indicator working (i.e. pressing caps lock turns the LED on
 and off, but nothing else seems to work). The simplest way to reproduce
 this is via something like the following:

 sshfs user@somehost:/foo /mnt/fuse
 while true; do find /mnt/fuse -type f; done 
 while sleep 1; date; done

Did you use the last snapshots ? If yes you need to recompile your
libfuse and your kernel to get the last changes.

We have solved some issues like that with pelikan@.

I've tested your command it seems to works well on current for amd64.
When the network is down all vfs access get timeouts but I've no
freeze here.

Cheers,
-- 
Sylvestre Gallon

Re: Hangs with Fuse

[Gregor Best]

Hi Sylvestre,

 [...]
 Did you use the last snapshots ? If yes you need to recompile your
 libfuse and your kernel to get the last changes.
 [...]

thanks for the clue bat. Not upgrading libfuse was indeed the problem.

-- 
Gregor Best